be5603c2aac8bc23e5e2817af711afc3a91710b313ecf0cf608b3fd3ec233691 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be5603c2aac8bc23e5e2817af711afc3a91710b313ecf0cf608b3fd3ec233691
Size

2.2MB
MD5

3846b97358d5e2cf6fd3347b4b1e2932
SHA1

6485361a1156d5de047392cde9fafa3d14d6807e
SHA256

be5603c2aac8bc23e5e2817af711afc3a91710b313ecf0cf608b3fd3ec233691
SHA512

5d09d78452279f6f8217c73f571cc5fd46aae1e12fd9912260016ee217189bb4ad0a808a9537f2de75726366c0801c49f08c014d794bb9a849d3b5a3d379ec1f
SSDEEP

49152:PF0w48BvABKcfjMyPeQnd5jtXhO+WOY299:Pq8sKSZg+Wg

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

be5603c2aac8bc23e5e2817af711afc3a91710b313ecf0cf608b3fd3ec233691
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 404KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 984KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ